[cisco-nas] AS5350 ISDN Problems

GLO glotieno at kenyaweb.com
Fri Feb 27 08:59:22 EST 2004 

Thanks Mark!

As you observed I had not aplied the access-lists 160 and  internet  on the
5350.

Now my remaining headache are  the connections that don't allow transmision
of data.

I  will appreciate further suggestions on this.

Thanks,

George.

----- Original Message ----- 
From: "Mark Johnson" <mljohnso at cisco.com>
To: "GLO" <glotieno at kenyaweb.com>
Cc: "Helen Robison, Voice SP Solution Engineering" <hrobison at cisco.com>;
<cisco-nas at puck.nether.net>
Sent: Thursday, February 26, 2004 8:47 PM
Subject: Re: [cisco-nas] AS5350 ISDN Problems


> At 02:57 PM 2/26/2004 +0300, GLO wrote:
> >Hi
> >
> >Thanks for the response.
> >For the users that connect but cannot transmit,  I have checked and:-
> >LCP and IPCP are OPEN
> >the user has an IP address assigned
> >the user's IP address is in the routing table
> >
> >For the disconects; I have done the suggested aaa and ppp debugs but
can't
> >seem to deduce anything much from the output.
> >I have attached the debug output incase you have any ideas.
>
> Here is the smoking gun, so to speak:
>
> 3w4d: As2/50 AAA/AUTHOR/IP: authorization failed
>
> And if you look at what is being authorized/downloaded from the AAA
server:
>
> 3w4d: As2/50 AAA/AUTHOR (736691766): Post authorization status = PASS_REPL
> 3w4d: As2/50 AAA/AUTHOR/IPCP: Processing AV service=ppp
> 3w4d: As2/50 AAA/AUTHOR/IPCP: Processing AV addr=2.1.9.2
> 3w4d: As2/50 AAA/AUTHOR/IPCP: Processing AV outacl=internet
> 3w4d: As2/50 AAA/AUTHOR/IPCP: Processing AV inacl=160
> 3w4d: As2/50 AAA/AUTHOR/IPCP: Authorization succeeded
>
> I suppose the problem could be that you don't have access-lists 160
> or internet defined on the 5350.  Is that possible?
>
> mark
>
> >Thanks,
> >
> >George.
> >
> >----- Original Message -----
> >From: "Mark Johnson" <mljohnso at cisco.com>
> >To: "GLO" <glotieno at kenyaweb.com>
> >Sent: Wednesday, February 25, 2004 10:04 PM
> >Subject: Re: [cisco-nas] AS5350 ISDN Problems
> >
> >
> > > At 07:34 PM 2/25/2004 +0300, you wrote:
> > > >I have a Cisco access server AS5350 with E1 modules; and I am
> >experiencing a
> > > >strange problem.
> > > >Some dialup calls on the ISDN line connect but the users can't
transmit
> >data
> > > >(can't even ping the assigned IP).
> > >
> > > Some things to check when a user is connected:
> > >
> > > sh int  async xx        make sure LCP and IPCP are OPEN
> > > sh caller xx            make sure the user has an IP address assigned
> > > sh ip route x.x.x.x     make sure the user's IP address is in the
routing
> >table
> > > debug ip icmp           ping from the remote and confirm if you see
the
> >ICMP
> > >                            echo requests at the 5350 (und all when
done)
> > >
> > > >Other users disconnect immediately after authentication.
> > >
> > > debug ppp neg
> > > debug ppp err
> > > debug aaa author
> > > debug aaa authen
> > >
> > > Confirm *who* initiates the disconnect (who sends the LCP TERMREQ).
> > > If it's the remote, you need to check there.  If it's the 5350,
> > > hopefully the debug will indicate why.
> > >
> > > Good luck,
> > >
> > > mark
> > >
> > >
>

More information about the cisco-nas mailing list